Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kPaA_KfJMP0f3FM2dTha6Q-0FnI.cer
File: kPaA_KfJMP0f3FM2dTha6Q-0FnI.cer (raw, json)
Hash identifier: DNQe/Bk2WbDJ+8F0cezQxv/Ej7F7fVDd/3Mc0HE+3fg=
Subject key identifier: 90:F6:80:FC:A7:C9:30:FD:1F:DC:53:36:75:38:5A:E9:0F:B4:16:72
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01C511
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91248C9/A055B5B26EED11EEBC1AAB53C4F9AE02/kPaA_KfJMP0f3FM2dTha6Q-0FnI.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91248C9/A055B5B26EED11EEBC1AAB53C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 20 Oct 2023 02:09:04 +0000
Certificate not after: Sun 01 Dec 2024 00:00:00 +0000
Subordinate resources: AS: 9465
IP: 103.255.0.0/23
IP: 2401:26e0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 08 May 2024 23:13:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115985 (0x1c511)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Oct 20 02:09:04 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=A91248C9/serialNumber=90F680FCA7C930FD1FDC533675385AE90FB41672
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:00:50:1c:4e:32:ca:c5:31:91:e0:da:06:b5:
1c:53:ca:e4:87:45:48:1e:f5:42:14:f8:64:a2:a5:
56:59:6b:7f:17:69:18:84:80:86:5a:d3:db:44:fe:
4f:ef:40:d2:db:97:29:90:db:81:22:ea:5f:ac:4b:
3a:69:99:f7:f9:68:ba:4b:c3:79:01:ad:42:e9:b9:
78:14:a6:a5:15:7c:63:5f:6f:5d:38:9c:e3:5d:3f:
d1:1a:c8:16:06:77:9e:32:d3:9e:af:ec:ea:f1:d0:
a7:b5:57:9a:58:ea:16:51:67:09:85:c0:ed:f5:2d:
61:d8:65:ce:f8:cb:81:e7:f5:c5:60:fa:dd:d0:cd:
f8:d2:47:16:c6:6f:09:a1:8a:1b:4f:d8:c0:f1:37:
63:bc:49:dd:5f:8a:3e:7c:b3:57:a3:23:cc:8e:40:
8b:65:ae:4a:64:35:03:4e:61:3c:af:f2:41:f2:cd:
6a:2e:fe:25:2d:ab:f4:c4:03:bf:b3:de:52:2b:7b:
7c:7d:c9:12:60:ab:c8:32:cb:6a:8c:fe:a3:25:7d:
10:c9:e6:14:24:54:7e:1d:17:9d:04:6d:7a:c5:25:
b5:2b:fd:db:23:25:50:46:19:fa:45:06:bf:6c:9b:
e0:37:61:83:ab:ca:c9:35:66:b7:5d:aa:98:70:66:
80:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:F6:80:FC:A7:C9:30:FD:1F:DC:53:36:75:38:5A:E9:0F:B4:16:72
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91248C9/A055B5B26EED11EEBC1AAB53C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91248C9/A055B5B26EED11EEBC1AAB53C4F9AE02/kPaA_KfJMP0f3FM2dTha6Q-0FnI.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
9465
sbgp-ipAddrBlock: critical
IPv4:
103.255.0.0/23
IPv6:
2401:26e0::/32
Signature Algorithm: sha256WithRSAEncryption
4f:6e:64:eb:34:3e:62:8b:8d:5e:14:39:2a:f6:06:0e:cf:9e:
5a:9e:61:22:cb:27:8b:bf:aa:72:da:7e:7f:9e:c5:aa:7f:e7:
50:a5:1b:4d:1b:3e:32:dc:8b:c9:98:44:4f:7a:52:47:0d:d8:
0d:50:5f:1f:21:9c:07:15:de:69:d9:9d:3a:a7:6a:e7:cc:eb:
ae:12:34:db:84:70:64:01:a8:b5:fa:69:da:12:c4:ef:7c:0c:
db:84:b3:d9:1d:66:2b:fb:59:b5:89:79:df:c0:42:f5:3b:b9:
fd:51:78:d4:97:f4:18:ad:cd:b7:45:2d:d4:a0:95:f2:e9:73:
31:66:47:39:f1:51:a0:6e:e0:81:0e:89:da:a6:2b:3c:e7:7a:
2c:12:ff:d1:42:d0:49:6a:3c:77:25:8a:c9:71:df:f2:32:04:
a4:9a:aa:c5:da:ab:d9:11:4d:35:d5:ec:df:19:67:49:dc:24:
bb:dd:62:09:9d:2e:38:bb:83:30:17:f8:d8:43:7d:00:8a:96:
ad:10:d9:7d:a1:6f:da:bc:17:bf:2c:b7:eb:e7:c2:89:81:88:
77:c1:2a:a8:07:90:d5:72:46:54:7f:eb:46:0f:59:83:07:6a:
45:38:60:4a:1c:63:58:d4:76:ab:2d:65:2e:16:88:ca:41:d4:
b6:66:ee:cc
-----BEGIN CERTIFICATE-----
MIIGKDCCBRCgAwIBAgIDAcURMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTAyMDAyMDkwNFoXDTI0MTIwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMjQ4QzkxMTAvBgNVBAUTKDkwRjY4MEZDQTdDOTMwRkQxRkRDNTMz
Njc1Mzg1QUU5MEZCNDE2NzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDCAFAcTjLKxTGR4NoGtRxTyuSHRUge9UIU+GSipVZZa38XaRiEgIZa09tE/k/v
QNLblymQ24Ei6l+sSzppmff5aLpLw3kBrULpuXgUpqUVfGNfb104nONdP9EayBYG
d54y056v7Orx0Ke1V5pY6hZRZwmFwO31LWHYZc74y4Hn9cVg+t3QzfjSRxbGbwmh
ihtP2MDxN2O8Sd1fij58s1ejI8yOQItlrkpkNQNOYTyv8kHyzWou/iUtq/TEA7+z
3lIre3x9yRJgq8gyy2qM/qMlfRDJ5hQkVH4dF50EbXrFJbUr/dsjJVBGGfpFBr9s
m+A3YYOrysk1ZrddqphwZoC/AgMBAAGjggMdMIIDGTAdBgNVHQ4EFgQUkPaA/KfJ
MP0f3FM2dTha6Q+0FnIwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTI0OEM5L0EwNTVCNUIyNkVFRDExRUVCQzFBQUI1M0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEyNDhDOS9BMDU1QjVCMjZFRUQxMUVFQkMxQUFCNTNDNEY5QUUwMi9rUGFBX0tm
Sk1QMGYzRk0yZFRoYTZRLTBGbkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGQYIKwYBBQUHAQgBAf8ECjAI
oAYwBAICJPkwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAFn/wAwDQQCAAIw
BwMFACQBJuAwDQYJKoZIhvcNAQELBQADggEBAE9uZOs0PmKLjV4UOSr2Bg7Pnlqe
YSLLJ4u/qnLafn+exap/51ClG00bPjLci8mYRE96UkcN2A1QXx8hnAcV3mnZnTqn
aufM664SNNuEcGQBqLX6adoSxO98DNuEs9kdZiv7WbWJed/AQvU7uf1ReNSX9Bit
zbdFLdSglfLpczFmRznxUaBu4IEOidqmKzzneiwS/9FC0ElqPHclislx3/IyBKSa
qsXaq9kRTTXV7N8ZZ0ncJLvdYgmdLji7gzAX+NhDfQCKlq0Q2X2hb9q8F78st+vn
womBiHfBKqgHkNVyRlR/60YPWYMHakU4YEocY1jUdqstZS4WiMpB1LZm7sw=
-----END CERTIFICATE-----
Generated at Thu May 2 00:11:08 2024 by rpki-client on console-ams.rpki-client.org